RiskLens Blog

Jack Jones in Homeland Security Today: Feds Need a Game Plan for Their ‘Crown Jewels’

Posted December 6, 2018 by Jeff B. Copeland

In a lead article on the Homeland Security Today website, A Game Plan to Identify, Protect Information Crown Jewels, RiskLens Co-Founder and Chief Risk Scientist Jack Jones has some advice for federal agencies required to identify and prioritize risk management on their “crown jewels”: Get a clearer picture on your high-value assets, then get an effective risk analysis model to guide your security investments. ... Continue Reading

Boards Adding Cybersecurity Committees, Wall St. Journal Reports

Posted November 28, 2018 by Jeff B. Copeland

A few pioneering boards are “taking the bold step of forming a full-fledged committee focused on cybersecurity,” the WSJ Pro Cybersecurity newsletter reports (subscribe to the newsletter to read the article).   ... Continue Reading

Case Study: RiskLens Clarifies Complicated Decision on Multifactor Authentication

Posted November 21, 2018 by Tim Wynkoop

I recently ran an analysis for a major bank that I think shows the power of both the FAIR Model for thinking through cybersecurity investment decisions and the power of the RiskLens CRQ platform for quickly running the numbers to support those decisions, often with surprising results.   ... Continue Reading

Cyber Risk Communication to the Board: Getting Better All the Time

Posted October 26, 2018 by Jeff B. Copeland

In a recent survey of board members by PwC,  82% said that cyber threats had moved from an IT issue to one that would drive overall strategic change for their companies. It’s an evolutionary change in board attitudes ... Continue Reading

Do I Need to Be a Math Nerd to Perform FAIR Analysis? Part 1

Posted October 3, 2018 by David Musselwhite

Quantitative cyber risk analytics using FAIR is an inherently mathematical endeavor. Estimates for the factors of risk (like loss event frequency and loss magnitude) are expressed using probability distributions ... Continue Reading

Case Study: ‘High Risk’ Audit Finding Doesn't Hold Up to FAIR Analysis

Posted August 20, 2018 by Tim Wynkoop

I recently worked with a retail organization to run a FAIR analysis on an audit finding and settle a difference between the IT and Internal Audit teams.  It’s a simple story but one that shows the power of quantitative risk analysis to get beyond guesswork and gut feelings ... Continue Reading

Introducing RiskLens Loss Exceedance Charts

Posted August 1, 2018 by Bryan Smith

Have you ever looked at the results in a RiskLens risk analysis and wondered what's the probability that a loss will hit the max? Or looked at the results and tried to answer how much risk you are comfortable with? If so the new Loss Exceedance Charts introduced in RiskLens 2.2.7 are your answer. ... Continue Reading

CIROs: Do Your Analysts Use the Right Risk Model for Cost-Effective Decision Making?

Posted July 12, 2018 by Cody Whelan

A question I don’t hear from enough CIROs, CISOs and other cybersecurity and  risk executives is, “what framework or model did we use to come up with these risk analysis results?"  Considering how much effort, time and resources stem from a decision made on those results, this has always struck me as odd.  ... Continue Reading

Assessing Cyber Risk in Legacy Systems with RiskLens

Posted July 10, 2018 by Taylor Maze

Here's a quick look at the power of cyber risk analytics with the FAIR model and the RiskLens application to solve an everyday business problem. A RiskLens colleague and I recently helped a risk team in the information industry quantify the risk associated with a legacy server. In the process, the organization was also able to gain some important insights into their IT environment and cybersecurity risk management in general.  ... Continue Reading

Webinar: Why Choose RiskLens and Cyber Risk Quantification

Posted June 28, 2018 by Jeff B. Copeland

Give us 54 minutes for this recorded webinar right now and two of our most efficient explainers of cyber risk quantification will walk you through the driving forces that are revolutionizing the way that cyber risk is measured and managed. ... Continue Reading

Sign Up for Blog Updates

Popular Posts